c2979a5b71792b4ffe1dfc41814a6bbdef85cfc37f5e895d25787f64476c64c3 | Triage

Submit
Reports

Overview

overview

8

Static

static

c2979a5b71...c3.exe

windows7-x64

8

c2979a5b71...c3.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

c2979a5b71792b4ffe1dfc41814a6bbdef85cfc37f5e895d25787f64476c64c3.exe

Resource

win7-20220812-en

discovery evasion persistence spyware stealer trojan

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

c2979a5b71792b4ffe1dfc41814a6bbdef85cfc37f5e895d25787f64476c64c3.exe

Resource

win10v2004-20220901-en

discovery evasion persistence spyware stealer trojan

windows10-2004-x64

17 signatures

150 seconds

General

Target

c2979a5b71792b4ffe1dfc41814a6bbdef85cfc37f5e895d25787f64476c64c3
Size

9KB
MD5

a926593f9a9a6fd71d057068ab1ca0ea
SHA1

57babfcf9b21f9c8f2b056934fe717f3eb93bacc
SHA256

c2979a5b71792b4ffe1dfc41814a6bbdef85cfc37f5e895d25787f64476c64c3
SHA512

ef4422aa3b5457ed3dd1ee02eeb844f730913c7d19c0402d80058932dee16657288233e39aced68d91e28ba9f5808201894cba39122458423335e4e964cf3abc
SSDEEP

96:weXEnC7yZzzAa726n924r8iLN2IjIWA8wf1e8UWS6PrnFnn6APVtkiQlxaC3B:weXvyZHSa924YiLAsARyWS6jnFn6Ag3

Score

N/A

Malware Config

Signatures

Files

c2979a5b71792b4ffe1dfc41814a6bbdef85cfc37f5e895d25787f64476c64c3
.exe windows x86

7cc04077684b58037378e7cf235ca6f8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileA

shlwapi

PathAppendA
StrStrA

kernel32

lstrcatA
lstrcpyA
CreateProcessA
GetTempFileNameA
lstrlenA
ExitProcess
lstrcpynA
GetCommandLineA
WaitForSingleObject
IsProcessorFeaturePresent
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTempPathA
TerminateProcess

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyExA

shell32

SHGetFolderPathA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy